﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using final_darskade.Models;
using System.Web.Security;

namespace final_darskade.Controllers
{
    public class AccountController : Controller
    {
        public static string error = "";
        
        [HttpGet]
        //[RequireHttps]
        public ActionResult Index()
        {
            if (Session["UserName"] != null)
            {
                string username = (string)Session["UserName"];
                user user = (from row in Helper.database.users
                             where row.username == username
                             select row).First();

                string role = (string)Session["Role"];
                if (role == "admin")
                    return View("AdminPage");
                else if (role == "professor")
                {
                    return Redirect("/Prof/");
                }
                else if (role == "student")
                    return View("StudentPage");
            }
            return View("PublicPage");
        }

        [HttpPost]
        public ActionResult Login(LogInModel model)
        {
            if (model.ValidateUser())
            {
                Session["UserName"] = model.username;
                user user = (from row in Helper.database.users
                             where row.username == model.username
                             select row).First();

                string role = user.role.role_name;
                Session["Role"] = role;
                if (model.FirstLogin())
                    return RedirectToAction("FirstLogin");

                if (Session["redirect"] != null)
                    return Redirect((string)(Session["redirect"]));
                else
                {
                    return RedirectToAction("Index");
                }
            }
            else
            {
                return View("PublicPage");
            }
        }
        
        //[RequireHttps]
        //[ExitHttpsIfNotRequired]

        [HttpGet]
        public ActionResult ForgetPassword()
        {
            Session["forgetpass"] = true;
            return View("ForgetPassword");
        }

        [HttpPost]
        public ActionResult ForgetPassword(LogInModel model)
        {
            var query = from u in Helper.database.users
                        where u.username == model.username &&
                                u.security_question == model.security_question &&
                                u.security_answer == model.security_answer
                        select u;
            if (query.Any())
            {
                string newpassword = Membership.GeneratePassword(10, 2);
                user found = query.First();
                found.pass = Helper.getMd5Hash(newpassword);
                Helper.database.ApplyCurrentValues(Helper.database.users.EntitySet.Name, found);
                Helper.database.SaveChanges();
                Helper.sendMail(found.email, "your new password", "Your new password is " + newpassword);
                return View("MailSent");
            }
            else
            {
                //error, wrong answer
            }
            
            return View("ForgetPassword");
        }
        
        [HttpPost]
        public ActionResult FirstLogin(FirstLogin fmodel)
        {
            ViewData["Error2"] = "";
            fmodel.username = Session["UserName"].ToString();
            string username = Session["UserName"].ToString();
            user user = Helper.database.users.SingleOrDefault(x => x.username == username);
            fmodel.password = Helper.getMd5Hash(user.pass);
            
            if (fmodel.fold_pass != fmodel.password)
                ModelState.AddModelError("fold_pass","Password is not correct.");
            
            if (ModelState.IsValid)
            {
                user.pass = Helper.getMd5Hash(fmodel.new_password);
                user.security_question = fmodel.security_question;
                user.security_answer = fmodel.security_answer;
                user.is_first_login = false;
                Helper.database.ApplyCurrentValues(Helper.database.users.EntitySet.Name, user);
                Helper.database.SaveChanges();
                return RedirectToAction("Index");
                    
            }
            else
            {
                return View("FirstLogin");
            }
        }

        public ActionResult FirstLogin()
        {
            return View("FirstLogin");
        }

        public ActionResult LogOut()
        {
            Helper.database.SaveChanges();
            Session.Abandon();
            return RedirectToAction("Index");
        }

    }
}
